Category
Security
Release Phase
Resolved
Bug Id
4863063
Date of Resolved Release08-APR-2004
On a Sun Cluster File System, ...
1. Impact
On a Sun Cluster File System, an unprivileged local user could cause a Denial of Service (DoS) by exploiting a race condition. This exploitation could be used to cause a cluster node to panic.
2. Contributing Factors
This issue can occur in the following releases:
SPARC Platform
-
Sun Cluster 3.0 for Solaris 8 without patch 110648-30
-
Sun Cluster 3.0 for Solaris 9 without patch 112563-12
-
Sun Cluster 3.1 for Solaris 8 without patch 113800-07
-
Sun Cluster 3.1 for Solaris 9 without patch 113801-07
Notes:
-
Sun Cluster 2.x is not affected by this issue.
-
This issue only impacts Sun Cluster systems that are using a global file system.
To determine if a file system is mounted as a global file system (in this example a database), run the following command:
$ mount | perl -ne 'split; print if ($_[3]=~/\bglobal\b/)'
/oracle/d1 on /dev/md/oracle/dsk/d1 read/write/intr/global/dev=4b002a0 on Tue Dec 30 09:42:12 2003
The above example shows that the file system "/oracle/d1" has been mounted with the global option.
3. Symptoms
The system panics with a "mutex_enter: bad mutex" message similar to the following:
panic[cpu0]/thread=30000d37920: mutex_enter: bad mutex, lp=30000b274e8 owner=300013eda00
thread=30000d37920
000002a100f71360 unix:mutex_panic+5c (10415c80, 30000b274e8, 8d, 30000e70098, 781c23a0, 1)
%l0-3: 000000001000c268 0000030000b274e8 000002a100fd7990 0000030000429f28
%l4-7: 0000000000000000 0000000000000000 000003000193f340 000003000193f258
000002a100f71410 pxfs:__0fWpxfs_llm_callback_implGsignali+4 (30001402bf0, 0, 781c23a0,
781c23d0, 0, 1041b428)
%l0-3: 0000030001402bf0 00000300006b8e78 0000000000000000 0000000000000001
%l4-7: 0000000000000000 0000000000000000 0000000000000000 000000007fffffff
000002a100f714c0
cl_comm:__0Fk_fs_pxfs_llm_callback_wakeup_receiveP65CfsRpxfs_llm_callbackR6Hservice+14
(30001402bf0, 2a100f71800, 2a100f71800, 0, 30000f34d50, 30000147f90)
%l0-3: 00000000782c741c 0000030000a0f438 00000000000001e0 00000300018875e0
%l4-7: 000003000012a1e8 000003000011c548 0000000000002000 0000000000000000
4. Workaround
To work around the described issue, disable access to Sun Cluster File Systems for unprivileged users. This can be accomplished by using setfacl(1) (as "root" user) to set an Access Control List to a Sun Cluster File System, as shown in the following example:
# setfacl -m user:bill:--- /global/nfs-set/dir1
Note: Users running applications that utilize a Sun Cluster File System must have the required permissions to access these file systems.
5. Resolution
This issue is addressed in the following releases:
SPARC Platform
-
Sun Cluster 3.0 for Solaris 8 with patch 110648-30 or later
-
Sun Cluster 3.0 for Solaris 9 with patch 112563-12 or later
-
Sun Cluster 3.1 for Solaris 8 with patch 113800-07 or later
-
Sun Cluster 3.1 for Solaris 9 with patch 113801-07 or later
This Sun Alert notification is being provided to you on an "AS
IS"
basis. This Sun Alert notification may contain information provided by
third parties. The issues described in this Sun Alert notification may
or may not impact your system(s). Sun makes no representations,
warranties, or guarantees as to the information contained herein. ANY
AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION
WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR
NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT YOU
ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE OUT
OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN. This
Sun Alert notification contains Sun proprietary and confidential
information. It is being provided to you pursuant to the provisions of
your agreement to purchase services from Sun, or, if you do not have
such an agreement, the Sun.com Terms of Use. This Sun Alert
notification may only be used for the purposes contemplated by these
agreements.
Copyright 2000-2010 Sun Microsystems, Inc., 4150 Network Circle, Santa
Clara, CA 95054 U.S.A. All rights reserved.ProductSun Cluster 3.1
References
110648-30
112563-12
113800-07
113801-07
AttachmentsThis solution has no attachment